Information and Cybersecurity Unit Manager

Client of Kalamntina

Responsibilities:

• Develop and maintain cybersecurity strategies, policies, standards, procedures, and governance frameworks aligned with business objectives and regulatory requirements.
• Lead the organization's cyber risk management program, ensuring integration with enterprise risk management and business planning.
• Conduct and oversee cybersecurity risk assessments across internal systems, departments, and third parties; recommend and monitor appropriate mitigation measures.
• Define cybersecurity requirements for new and existing business initiatives, and manage the classification of systems and information assets.
• Oversee the implementation of technical and administrative security controls, and review requests for control exceptions based on business needs and risk appetite.
• Continuously monitor IT systems and networks for security threats, leveraging threat intelligence, analytics, and detection tools to ensure timely incident identification and response.
• Manage the end-to-end incident response process including containment, investigation, recovery, and post-incident review; fulfill external reporting obligations such as to Jo-FinCERT.
• Act as the main liaison with Jo-FinCERT and other national or sectoral cybersecurity centers, ensuring timely coordination and communication.
• Track and report on cybersecurity KPIs and KRIs; regularly update senior leadership and the Board on program performance, risks, incidents, and compliance gaps.
• Implement and monitor compliance with internal cybersecurity policies and relevant laws, standards, and industry frameworks.
• Lead the design and delivery of cybersecurity awareness and training programs across the organization, ensuring employees understand their roles in maintaining security.
• Stay informed on emerging threats, vulnerabilities, and best practices, and integrate findings into security strategy and planning.